Vendor Manager

About The Position

Requirements

• 3–5+ years of experience in vendor management, third-party risk, IT governance, compliance, or risk analysis.
• Proficiency in LLM technology and utilization of such tools to manage the complexities of the research and analysis are critical to the success of the role.
• Effective hands-on usage of LLM technology-based tools to help achieve department Ends
• Experience reviewing vendor contracts and tracking renewals.
• Exposure to third-party risk assessments and security questionnaire processes.
• Strong analytical and documentation skills.
• Highly curious, and a desire for continuous improvement of the customer experience and risk management processes.
• Experience managing SaaS inventories or technology portfolios.
• Proficiency in Excel and vendor management platforms.
• Analytical and risk-based decision-making
• Strategic thinking
• Strong organization skills
• AI and data governance awareness
• Strong cross-functional collaboration
• Process optimization mindset
• Executive-ready reporting skills
• Strive to reflect our five cultural values in all efforts: Put the Customer First, Do What You Say, Work Together, Be Innovative and Do the Right Thing.

Nice To Haves

• Experience supporting SOC 2, ISO 27001, or similar audits.
• Familiarity with OneTrust or TPRM platforms.
• Exposure to AI governance, data risk management, or emerging technology risk.
• Understanding of AI model risk principles (bias, explainability, regulatory impact).

Responsibilities

• Maintain contract repository and track renewal dates
• Coordinate renewals with Legal and Procurement
• Maintain vendor tier classifications and risk profiles
• Track remediation items and follow up with vendors.
• Review and distribute security questionnaires.
• Collect and analyze SOC reports, cyber insurance documentation, and compliance artifacts.
• Identify and execute Continuous improvement opportunities for the customer experience
• Proactively do research on the vendors spaces to track trends, risks and current events. Raise risks as needed.
• Conduct AI-focused vendor risk assessments, including model usage, training data sources, and data retention practices.
• Evaluate vendor AI posture and develop AI risk scoring methodology.
• Assess AI model risk exposure, including bias, explainability, and regulatory considerations.
• Partner with Security to detect and mitigate Shadow AI usage across the organization.
• Track vendor data exposure risk and data-sharing pathways.
• Coordinate OneTrust integrations and AI governance workflows.
• Review and evaluate AI/data-related clauses in contracts, including: Data ownership, Data residency, Model training rights, Sub processor disclosures, AI indemnification and liability language
• Partner with Legal to strengthen AI and data protection contractual standards.
• Support AI/data usage contractual reviews during vendor onboarding and renewals.
• Maintain enterprise SaaS inventory and technology portfolio map.
• Analyze license utilization and identify consolidation opportunities.
• Develop SaaS rationalization strategy to reduce redundant platforms.
• Assess overlapping AI tool capabilities and risk duplication.
• Provide cost-risk optimization recommendations to leadership.
• Develop vendor risk dashboards and AI posture reporting.
• Create executive-level reporting on: AI vendor exposure, Data risk trends, Model risk concentration, SaaS redundancy and cost optimization

Benefits

• 401(k) plan with company contribution up to 16%
• Generous time off package that includes paid vacation, personal, sick, and holidays
• Paid maternity and parental leave
• Tuition reimbursement
• Medical, dental, vision, and prescription coverage
• Free lunch every day when working on campus
• Onsite fitness center
• A beautiful 1.25-mile walking path